IN THE CLAIMS : 

Please amend claims 1, 7-8, 13, 22, and 26-28, cancel claims 11 and 23, and add 
claims 29-37 as follows. 

1 . (Currently Amended) A method of setting up a security association between a 
first node and a second node in a packet switched environment, comprising: 

forwarding a prefix value fi:om fee-a^first node to the-a.second node in a packet 
switched environment , said prefix value referring to a portion of the -a first internet 
protocol address associated with the first node; and 

creating a security association between the first node and the second node based 
on the prefix value; 

wherein the security association is valid for a plurality of different intemet 
protocol addresses, each of said plurality of internet protocol addresses including said 
portion of the first intemet protocol address to which the prefix value refers . 

2. (Previously Presented) A method as claimed in claim 1, wherein the packet 
switched environment is a intemet protocol multimedia subsystem of a 3rd generation 
network 

3. (Currently Amended) A method as claimed in claim U wherein the first 
node is user equipment. 



4. (Previously Presented) A method as claimed in claim 1, wherein the second 
node is a proxy call state control function entity. 

5. (Previously Presented) A method as claimed in claim 28, wherein the 
message is a protocol message 

6. (Previously Presented) A method as claimed in claim 5, wherein the 
protocol a session initiation protocol. 

7. (Currently Amended) A method as claimed in claim 4 -28, wherein the 
message is a session initiation protocol register message. 

8. (Currently Amended) A method as claimed in claim 4 r28. wherein the prefix 
value is included in a header of the message. 

9. (Previously Presented) A method as claimed in claim 8, wherein the header 
is a security client header 

10. (Currently Amended) A method as claimed in claim 9, wherein the prefix 
value is included in an extension parameter of the security client header 
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11. (Canceled) 



12. (Previously Presented) A method as claimed in claim 1, wherein the prefix 
value is allocated by a gateway general packet radio service support node. 

13. (Currently Amended) A system^ comprising: 

a first node and a second node in a packet switched environment, wherein the first 
node is configured to forward its-a_prefix value in a message to the second node, said 
prefix value referring to a portion of fee -a first internet protocol address of the first 
nodeJX,]] ! and wherein 

the second node is configured to create a security association with the first node 
based on the prefix value: 

wherein the security association is valid for a plurality of different internet 
protocol addresses, each of said plurality of internet protocol addresses including said 
portion of the first internet protocol address to which the prefix value refers . 

14. (Previously Presented) A system as claimed in claim 13, wherein the packet 
switched environment is a intemet protocol multimedia subsystem of a 3rd generation 
network. 
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15. (Previously Presented) A system as claimed in claim 13, wherein the first 
node is user equipment, 

16. (Previously Presented) A system as claimed in claim 13, wherein the second 
node is a proxy call state control function entity. 

17. (Original) A system as claimed in claim 13, wherein the message is a protocol 
message. 

18. (Previously Presented) A system as claimed in claim 17, wherein the protocol 
session initiation protocol. 

19. (Previously Presented) A system as claimed in claim 13, wherein the message 
is a register message. 

20. (Original) A system as claimed in claim 13, wherein the prefix value is 
included in a header of the message. 

21. (Previously Presented) A system as claimed in claim 20, wherein the header is 
a security-client header. 



22. (Currently Amended) A system as claimed in claim 21, wherein he -the p refix 
value is included in an extension parameter of the security-client header. 

23. (Canceled) 

24. (Previously Presented) A system as claimed in claim 13, wherein the prefix 
value is allocated to the user equipment by a gateway general packet radio service 
support node. 

25. (Cancelled) 

26. (Currently Amended) A communication terminal in a packet switch e d 
environment, comprising: 

a prefix value to be forwarded to a node in fee-a_packet switched environment to 
create a security association with the communication terminal, said prefix value referring 
to a portion of the -a first intemet protocol address of the communication terminal; 

wherein the security association is valid for a plurality of different internet 
protocol addresses, each of said plurality of intemet protocol addresses including said 
portion of the first intemet protocol address to which the prefix value refers . 

27. (Currently Amended) A security association apparatus[[,]] comprising: 
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a first communication means and a second communication means in a packet 
switched environmental 

forwarding means for forwarding a prefix value in a message fi'om the first 
communication means to the second communication means, said prefix value referring to 
a portion of fee -a first intemet protocol address of the first communication means^; aftd 

creating means for creating a security association between the first communication 
means and the second communication means based on the prefix value; 

wherein the security association is valid for a plurality of different intemet 
protocol addresses, each of said plurality of intemet protocol addresses including said 
portion of the first internet protocol address to which the prefix value refers . 

28. (Currently Amended) A method as claimed in claim 1, wherein the st e p of 
forwarding of athe prefix value fi"om the first node to the second node^ comprises 
forwarding the prefix value in a message. 

29. (New) A communication terminal comprising: 

forwarding means for forwarding a prefix value to a node in a packet switched 
environment to create a security association with the communication terminal, said prefix 
value referring to a portion of a first intemet protocol address of the communication 
terminal; 
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wherein the security association is vaUd for a pluraUty of different internet 
protocol addresses, each of said plurality of internet protocol addresses including said 
portion of the first internet protocol address to which the prefix value refers. 

30. (New) A security association apparatus comprising: 

a first communication unit and a second communication unit in a packet switched 
environment; 

a forwarding unit configured to forward a prefix value in a message from the first 
communication unit to the second communication unit, said prefix value referring to a 
portion of the intemet protocol address of the first communication unit; and 

a creating unit configured to create a security association between the first 
communication unit and the second communication unit based on the prefix value; 

wherein the security association is valid for a plurality of different intemet 
protocol addresses, each of said plurality of intemet protocol addresses including said 
portion of the first intemet protocol address to which the prefix value refers. 

31. (New) A second node comprising: 

a receiving unit for receiving a prefix value firom a first node in a packet switched 
environment, said prefix value referring to a portion of a first intemet protocol address of 
the first node; and 
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a creation unit for creating a security association between the first node and the 
second node based on the prefix value; 

wherein the security association is vaUd for a plurality of different internet 
protocol addresses, each of said plurality of internet protocol addresses including said 
portion of the first internet protocol address to which the prefix value refers. 

32. (New) A second node comprising: 

receiving means for receiving a prefix value from a first node in a packet switched 
environment, said prefix value referring to a portion of a first intemet protocol address of 
the first node; and 

creation means for creating a security association between the first node and the 
second node based on the prefix value; 

wherein the security association is valid for a plurality of different intemet 
protocol addresses, each of said plurality of intemet protocol addresses including said 
portion of the first intemet protocol address to which the prefix value refers, 

33. (New) A method as claimed in claim 1, wherein another of the plurality of 
intemet protocol addresses, in addition to the first intemet protocol address, is an intemet 
protocol address of the first node. 
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34. (New) A system as claimed in claim 13, wherein another of the plurality of 
intemet protocol addresses, in addition to the first internet protocol address, is an intemet 
protocol address of the first node. 

35. (New) A communication terminal as claimed in claim 26, wherein another of 
the plurality of intemet protocol addresses, in addition to the first intemet protocol 
address, is an intemet protocol address of the first node. 

36. (New) A security association apparatus as claimed in claim 30, wherein 
another of the plurality of intemet protocol addresses, in addition to the first intemet 
protocol address, in an intemet protocol address of the first node. 

37. (New) A second node as claimed in claim 31, wherein another of the plurality 
of intemet protocol addresses, in addition to the first intemet protocol address, is an 
intemet protocol address of the first node. 
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